dridex | 50aa36d389a73ab50bd439d3e9d1dd5635206ac29650cda80409313dfc98163e | Triage

Resubmissions

10-11-2024 19:55

241110-ym6q1stenp 10

10-11-2024 13:01

241110-p896wswqaz 10

Sharing

General

Target

50aa36d389a73ab50bd439d3e9d1dd5635206ac29650cda80409313dfc98163eN
Size

216KB
Sample

241110-ym6q1stenp
MD5

018133ba715c9b4b6d78aff4eab51de0
SHA1

7a4bb8855e757b0455fbdc6c6f293b8efe4a56af
SHA256

50aa36d389a73ab50bd439d3e9d1dd5635206ac29650cda80409313dfc98163e
SHA512

515ebfe59269d3d1d5377dada2042c6ffe3cd6da6205096a20bcfd30691669b9d763dc2888d4f465a53616b3c196fb8c1fdbebaeeaea931dfd9ddaeab221353f
SSDEEP

3072:+KHeQ1cNWDtPeDoCumpQ7QpF+5yW27o20:PF1cgcDyvWFvWD

Score

10^/10

dridex botnet discovery

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Targets

- Target
  
  50aa36d389a73ab50bd439d3e9d1dd5635206ac29650cda80409313dfc98163eN
- Size
  
  216KB
- MD5
  
  018133ba715c9b4b6d78aff4eab51de0
- SHA1
  
  7a4bb8855e757b0455fbdc6c6f293b8efe4a56af
- SHA256
  
  50aa36d389a73ab50bd439d3e9d1dd5635206ac29650cda80409313dfc98163e
- SHA512
  
  515ebfe59269d3d1d5377dada2042c6ffe3cd6da6205096a20bcfd30691669b9d763dc2888d4f465a53616b3c196fb8c1fdbebaeeaea931dfd9ddaeab221353f
- SSDEEP
  
  3072:+KHeQ1cNWDtPeDoCumpQ7QpF+5yW27o20:PF1cgcDyvWFvWD
Score

10^/10

dridex botnet discovery
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Deletes itself
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridexbotnetdiscovery